The fact Apple missed logins to hundreds of accounts over time from a single ip registered probably to Spectrum or Verizon ISP is a little suspect. Then again, there are probably public ips with a nat with thousands of iphones behind it at times. This might be a really hard one to detect even though it's sloppy.
Companies regularly NAT many thousands of users behind a single public IP. Additionally non-profits, schools, and others often provide WiFi for their guests/students using a supposedly residential internet account or their ISP doesn't segment basic business IPs from residentials.
In any case flagging multiple accounts logging in from a single public IP is not as useful a signal as you might think.
Given that the accused was arrested in 2007 for similar sex crimes while a Geek Squad employee, one must imagine that heβs been up to this for years.
Apple itself is currently obsoleting IP-based account theft heuristics with their iCloud VPN, so they might have stopped relying on it internally already :)
